What Does Your Business Need To Be Secure?

20

Jan

Written by Chris Thornton, 20 January 2016

Every business needs a cyber-security policy but understanding the role and function your defences is key to a successful strategy...

Given the range of cyber-threats small businesses face, knowing how to defend ourselves properly can be daunting. The idea that cyber-security is unnecessary or unaffordable for SMEs is far from the truth: with hackers and other malicious entities increasingly targeting small business, now is the time to ensure your defences are built on solid foundations.

Building Security

Many small business owners and managers fail to think carefully enough about the security needs of their organisation - and end up building a plan that leaves vulnerabilities. A firewall is no use if you don't keep your software updated, similarly, installing antivirus software is unhelpful if your employees don't understand how to recognise malware threats...

So, what are the foundations of your cyber-security plan - and what function do they serve?

Anti-virus

Threat: Viruses are a prolific security threat to SMEs and will attack your network from any number of sources. From phishing scams to suspect websites, your network needs to be ready to intercept threats before they can wreak havoc.

Defence:

Securing your system against viruses means working with software and employees

Install antivirus software on every device and keep it updated

Restrict access to websites which may harbour viruses

Ensure employees are trained to identify and avoid virus threats

Firewalls, Encryption & Physical Protection

Threat:Unsecured networks may be penetrated by hackers anywhere in the world - and infected with an array of viruses and malicious software. Weak passwords and login protocols invite the attentions of hackers, but thieves can also gain access physically through a stolen device.

Keep careful track of all personal devices to reduce the risk of theft

Virtual Private Network (VPN)

Threat: Your on-premises network may be sufficiently protected, but if your employees want to connect remotely through unsecured networks (like cafes or clients' offices), their devices may present a vulnerability hackers can exploit.

Defence:

Setting up a virtual private network offers employees a way to connect remotely to your on-site network and access files, applications or resources safely and securely

Back-ups can be hosted on-site, in networked storage servers, or online with a cloud service provider

For maximum protection, you could tailor your company's backup strategy to incorporate a hybrid mix of on and off-site back-up

Evolving Defence

Cyber-security strategy is about much more than software and hardware. While you can bolster cyber-security with a range of measures, the most valuable defensive tools you have are your employees, who are best placed to react to an evolving landscape of threats.

By encouraging a culture of safety and security, your strategy will become part of your everyday work processes. Take care of the basics: securing files, changing passwords, updating software and keeping track of devices to prevent theft... as a business owner, how you protect your network is just as important as what you are protecting.

When an infection occurs, the damage can be varied, from performance issues to theft of personal information or data loss. In the most severe cases, how your organisation reacts could make all the difference to your recovery...